Hungarian political party – €34,375 Fine (Hungary, 2019)

€34,375Nemzeti Adatvédelmi és Információszabadság Hatóság5 April 2019Hungary
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A Hungarian political party was fined for not reporting a data breach and failing to inform affected individuals. This is important because it stresses how crucial it is for organizations to follow data breach notification rules. It serves as a warning to ensure systems are secure and breaches are properly documented and reported.

What happened

A Hungarian political party failed to notify authorities and individuals about a data breach caused by a cyber attack.

Who was affected

Over 6,000 individuals whose data was exposed due to the breach.

What the authority found

The Hungarian authority fined the political party for not reporting the breach and failing to document it as required by GDPR.

Why this matters

The case underscores the necessity of promptly reporting data breaches and maintaining proper documentation. Organizations should prioritize cybersecurity and compliance with notification requirements.

GDPR Articles Cited

Art. 33(1) GDPR
Art. 33(5) GDPR
Art. 34(1) GDPR
Hungary enforcementNemzeti Adatvédelmi és Információszabadság Hatóság actionsAll Hungarian political party actions
Full Legal Summary
Detailed

NAIH imposed a fine of HUF 11,000,000 (EUR 34,375) on an undisclosed Hungarian political party for failing to notify the NAIH and relevant individuals about a data breach, and failing to document the breach according to GDPR Article 33.5. As mandated by law, the fine was based on 4% of the party's annual turnover and 2.65 % of its anticipated turnover for the coming year. The breach was the result of a cyber attack by an anonymous hacker who accessed and disclosed information on the vulnerability of the organisation’s system – a database of more than 6,000 individuals – and the command used for the attack. The system was vulnerable to attack because of a redirection problem with the organisation's webpage. After the attacker published the command, even people with low IT knowledge were able to retrieve information from the database.

Related Enforcement Actions (0)

No other enforcement actions found for Hungarian political party in HU

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

5 April 2019

Authority

Nemzeti Adatvédelmi és Információszabadság Hatóság

Fine Amount

€34,375

Enforcement Tracker ID

ETid-38

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Hungarian political party - Hungary (2019). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: